Training Type | Classroom & Online |
---|---|
Course Duration | 95 Days |
No. of Hours | Weekdays (Mon to Thu) - 2hrs/Day, Weekend (Sat & Sun) - 4hrs/Day, Only Sunday - 6hrs Per Day |
Certificate | Yes |
Skill Level | Intermediate |
Study Material | Yes |
Batches Available | (Mon-Thu) & (Sat-Sun) |
Roadmap
Course Outline
- Recognize the challenges faced by the information security domain.
- Understand how Offensive and Defensive security works?
- Understand the perspective of attackers and defenders and how they learn from each other.
- Understand the difference between risks, threats, vulnerabilities, and exploits.
- List and describe various types of threat actors.
- Get to know recent types of cyber security attacks.
- Understand why it is important to protect the confidentiality, integrity and availability of data?
- Understand the importance of multi layer defence security strategies.
- Learn how to do threat intelligence and its applications in an organisation?
- Learn why access and user privileges should be restricted and controlled?
- Understand why security should not depend on secrecy?
- Identify policies that can mitigate threats to an organization.
- Determine what preventive measures an organization can use to mitigate cybersecurity threats.
- Understand the various legal and regulatory issues surrounding cybersecurity.
- Understand different frameworks and standards that help organizations to frame their cybersecurity activities.
- Review the deliverables for penetration testing works.
- Understand the general structure of pentesting documentation.
- Choose the right note-taking tool & Understand the importance of taking screenshots and use of tools for screenshots.
- Understand the purpose of a technical report & Understand how to specifically tailor content to construct an Executive Summary.
- Develop a technical summary & describe technical findings with recommendations.
- Understand when to use appendices, resources, and references?
- Understand the stages of Penetration Testing.
- Understand different types of Penetration testing such as White Box, Grey Box, Black Box.
- Learn the role of Information Gathering inside each stage.
- Understand the differences between Active and Passive Information Gathering.
- Understand the different Passive Information Gathering approaches.
- Learn about Open Source Intelligence (OSINT).
- Understand Web Server and DNS passive information gathering.
- Understand the different Active Information Gathering approaches.
- Learn to use tools such as Netcat and Nmap for port scanning.
- Enumerate DNS, SMB, SMTP, and SNMP.
- Understand Living off the Land (LOTL) Attacks and Techniques.
- Understand why we need Vulnerability Scanning process?
- Learn various types of Vulnerability Scans.
- Understand the considerations of Vulnerability Scans.
- Understand Vulnerability Scanning with Nessus.
- Understand the different Nessus Components and Configure and perform vulnerability scans.
- Review the results and work with the results of vulnerability scans with Nessus.
- Provide credentials to perform an authenticated vulnerability scan and gain understanding of Nessus Plugins.
- Learn Vulnerability Scanning with Nmap.
- Understand the basics of the Nmap Scripting Engine (NSE) and Work with custom NSE scripts.
- What are the different types of Web Application Assessment Methodologies?
- Learn requirements of web application security testing.
- Learn about the OWASP Top10 and most common web vulnerabilities and Attacks.
- Perform different enumeration techniques on web applications.
- Understand the concept of Web Proxies theory.
- Learn how to work with Burp Suite proxy for web application testing?
- Learn how to debug Web Application source code?
- Understand how to enumerate and inspect Headers, Cookies, and Source Code?
- Learn how to conduct API testing methodologies?
- Understand different types of Cross-Site Scripting vulnerabilities.
- Exploit Cross-Site Scripting and Perform Privilege Escalation using Cross-Site Scripting.
- Understand absolute and relative paths.
- Learn how to exploit directory traversal vulnerabilities and Use encoding for special characters?
- Learn the difference between File Inclusion Attack and Directory Traversal Attack/vulnerability.
- Understand File Inclusion vulnerabilities.
- Understand how to leverage Local File Inclusion (LFI) to obtain code execution?
- Understand how to use PHP Wrapper?
- Learn how to perform Remote File Inclusion (RFI) attacks?
- Understand File Upload Vulnerabilities and Learn how to identify File Upload vulnerabilities.
- Explore different vectors to exploit File Upload vulnerabilities.
- Learn about command injection attack in web applications and Use operating system commands for OS command injection.
- Understand how to leverage command injection vulnerability to gain system access?
- Learn the fundamentals of SQL theory and learn different DB types.
- Learn how to use different SQL syntax?
- How to Manually Identify SQL injection vulnerabilities.
- Understand UNION SQLi payloads.
- Learn about Error SQLi payloads.
- Understand Blind SQLi payloads.
- Exploit MSSQL Databases with xp_cmdshell and Automate SQL Injection with SQLmap.
- Gather information to prepare client-side attacks.
- Leverage client fingerprinting to obtain information.
- Understand variations of Microsoft Office client-side attacks.
- Leverage Microsoft Word Macros and Abusing Windows Library.
- Prepare an attack with Windows library.
- Leverage Windows shortcuts to obtain code execution.
- Understand the risk of executing untrusted exploits.
- Understand the importance of analyzing the exploit code before execution.
- Access multiple online exploit resources for Exploitation.
- Use Google search operators to discover public exploits.
- Access Multiple offline Exploit Frameworks using SearchSploit and Nmap NSE Scripts.
- Understand a basic penetration test workflow to enumerate a target system.
- How to Exploit a machine that is vulnerable to public exploits?
- How to Discover appropriate exploits for a target system?
- How to Execute a public exploit to gain limited shell on a target host?
- How to Fix Memory Corruption Exploits?
- Understand how a buffer overflow works at a high level.
- What are cross-compiled binaries?
- Modify and update memory corruption exploits.
- How to Fix Web application exploits and Troubleshoot common web application exploit issues?
- Understand Different Antivirus Evasion Software.
- Understand the key components of antivirus software.
- How to Recognize known vs unknown threats?
- Understand AV detection engines.
- Understand antivirus evasion techniques.
- How to manually evade AV solutions?
- Leverage automated tools for AV evasion.
- Attacking Network Services Logins such as SSH, RDP, HTTP POST login forms.
- Understand the fundamentals of password cracking and Methodology.
- What is wordlist mutation?
- How to Attack password manager key files?
- How to Attack the passphrase of SSH private keys?
- How password attacks work with password hashes?
- How to Obtain and crack NTLM hashes?
- How to Pass NTLM hashes?
- How to Obtain and crack Net-NTLMv2 hashes?
- How to Relay Net-NTLMv2 hashes?
- How to enumerate Windows?
- Understand Windows privileges and access control mechanisms.
- How to search for sensitive information on Windows systems and find sensitive information generated by PowerShell?
- Get familiarized with automated enumeration tools.
- How to Leverage Windows Services and understand how to Hijack service binaries and service DLLs?
- Understand the concept of abusing unquoted service paths.
- How to Abuse other Windows Components and Leverage Scheduled Tasks to elevate our privileges?
- Understand the different types of exploits leading to privilege escalation and Abuse privileges to execute code as privileged user accounts.
- Understand files and user privileges on Linux.
- How to Perform manual enumeration?
- How to Conduct automated enumeration?
- Exposed Confidential Information such as user history files.
- Inspect user and system trails for credential harvesting.
- Abuse Insecure cron jobs and Insecure file permissions to escalate privileges.
- Understand how to abuse SUID programs and capabilities for privilege escalation.
- Circumvent special sudo permissions to escalate privileges.
- How to Enumerate the system’s kernel for known vulnerabilities, then abuse them for privilege escalation?
- Understand Port Forwarding with *NIX Tools.
- Learn about port forwarding and its working.
- Understand why and when to use port forwarding.
- Use Socat for port forwarding.
- Learn how SSH tunneling works.
- Understand how to perform SSH local & dynamic port forwarding?
- Understand how to perform SSH remote port forwarding and SSH remote dynamic port forwarding?
- Understand port forwarding and tunneling with ssh.exe on Windows.
- Understand port forwarding and tunneling with Plink.
- Understand port forwarding with Netsh.
- Learn How HTTP tunneling works?
- Perform HTTP tunneling with Chisel.
- Learn How DNS tunneling works?
- How to Perform DNS tunneling with dnscat.
- Getting Familiar with Metasploit Framework.
- Setup and navigate Metasploit and Use auxiliary modules.
- Leverage exploit modules Using Metasploit Payloads.
- Understand the differences between staged and non-staged payloads.
- Explore the Meterpreter payload and Create executable payloads.
- Performing Post-Exploitation with Metasploit.
- Use core Meterpreter post-exploitation features.
- Use post-exploitation modules.
- How to Perform pivoting with Metasploit Framework?
- Create resource scripts and Use resource scripts in Metasploit.
- How to do manual enumeration of Active Directory?
- Learn Enumeration of Active Directory using legacy Windows applications.
- How to Use PowerShell and .NET to perform additional AD enumeration?
- Learn how to Enumerate Operating Systems Permissions and logged on users?
- Learn how to Enumerate Through Service Principal Names?
- Learn how to Enumerate Object Permissions?
- Learn how to Explore Domain Shares?
- Learn how to Collect domain data using SharpHound?
- Learn how to Analyze domain data using BloodHound?
- Understand NTLM Authentication.
- Understand Kerberos Authentication.
- Become familiar with cached AD Credentials.
- Understand the Usage of password attacks to obtain valid user credentials.
- Learn how to abuse the enabled user account options?
- Learn how to Abuse the Kerberos SPN authentication mechanism?
- Learn how to forge service tickets?
- Learn how to Impersonate a domain controller to retrieve any domain user credentials?
- Understand WMI, WinRS, and WinRM lateral movement techniques.
- Learn how to Abuse PsExec for lateral movement?
- Learn about Pass The Hash and Overpass The Hash as lateral movement techniques.
- Understand the Misuse of DCOM to move laterally.
- Understand the general purpose of persistence techniques.
- Learn how to Leverage golden tickets as a persistence attack?
- Learn how to do shadow copies and how they can be abused for persistence?
- Enumerate machines on a public network and Obtain useful information to utilize for later attacks.
- Learn to Utilize vulnerabilities in WordPress Plugins.
- Learn to Crack the passphrase of a SSH private key.
- Learn to Elevate privileges using sudo commands.
- Understand how to leverage developer artifacts to obtain sensitive information.
- Learn How to Validate domain credentials from a non-domain-joined machine?
- How to Perform phishing to get access to internal network?
- Enumerate hosts, services, and sessions in a target network.
- Learn How to Perform Kerberoasting?
- Learn How to Abuse a WordPress Plugin function for a Relay attack?
- Learn how to gain access to the Domain Controller?
- How to Gather information to prepare client-side attacks and Leverage client fingerprinting to obtain information?
- Learn about the different kinds of Challenge Labs.
- Understand high level overview of each scenario.
- Understand how to treat the mock OSCP Challenge Labs?
- Understand how to think about the concept of dependency?
- Understand the lack of meaning inherent to IP address ordering.
- Learn about the concept of “decoy” machines.
- Learn how Routers and Network Address Translation affects the scenarios?
- Understand how to treat the credentials and password attacks?
- Learn about the OSCP Certification Exam.